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CLAIMS 



1 . A method of managing meta data using a central repository at a central 
repository subsystem, the central repository being accessible by a computing device 
5 through a communications network, the method comprising the steps of: 

connecting to the central repository through the communications network 
based on a user input; 

updating a local repository of the computing device with at least one segment 
from the central repository that is associated with the user to produce a meta data 
10 collection associated with the user; and 

utilizing, by the computing device, the meta data collection during a current 
user session at the computing device to assist the user in using the computing 
device. 

15 2. The method of claim 1 , further comprising the step of: 

uploading any new segment from the computing device to the central 
repository at a predetermined time. 

3. The method of claim 1 , further comprising the step of: 

20 incrementally uploading any new meta data generated during the current user 

session from the computing device to the central repository. 

4. The method of claim 1 , wherein the connecting step includes: 

receiving, by the central repository subsystem, authentication information from 
25 the user; 



verifying validity of the authentication information; and 



notifying the computing device that the user has proper authority to access 
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the central repository if the authentication information is verified as valid. 

5. The method of claim 4, wherein the authentication information includes user 
identification, a pass phrase of the user, and an identifier for the central repository or 

5 a component at the central repository subsystem. 

6. The method of claim 5, wherein the verifying step includes: 
determining a secret key represented as a hash of the received user 

identification concatenated with a hash of the received identifier encrypted with the 
10 received pass phrase; and 

comparing the secret key with a stored key associated with the user. 

7. The method of claim 1 , wherein the updating step includes: 
determining if the local repository is at a null state; 

15 first requesting the central repository subsystem to transmit any segment 

associated with the user that has not been applied to the computing device if the 
determining step indicates that the local repository is not at a null state; and 

second requesting the central repository subsystem to transmit all segments 
associated with the user if the determining step indicates that the local repository is 

20 at a null state. 

8. The method of claim 7, wherein the updating step further includes: 
receiving at least one segment from the central repository subsystem in 

response to said first requesting step; 
25 decrypting the at least one segment; and 

applying the decrypted at least one segment to the meta data collection to 
produce the meta data collection associated with the user. 
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9. The method of claim 7, wherein the updating step further includes: 
receiving at least one segment from the central repository subsystem in 

response to said second requesting step; 

decrypting the at least one segment; and 

generating the meta data collection for the user using the decrypted at least 
one segment. 

10. The method of claim 1, wherein the utilizing step includes: 

retrieving, using heuristics algorithms, from the meta data collection, meta 
data that would be most appropriate for a current context of using the computing 
device; and 

applying the retrieved meta data in the current context. 

1 1 . The method of claim 1 0, wherein the current context includes at least one of 
the following: opening a web page, filling in a computer form, filling in a password- 
changing form, providing a certificate, opening a computer file, processing a 
computer file, or executing an application program. 

12. The method of claim 10, wherein the utilizing step further includes: 
continuously collecting meta data resulting from use of the computing device 

during the current user session at the computing device; and the method further 
comprises: 

generating a new segment based on the collected meta data upon 
completion of the current user session; and 
processing the new segment. 
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13. The method of claim 12, wherein the processing step includes: 
updating the meta data collection with the new segment if said meta data 

collection exists in the local repository; and 

storing the new segment in the local repository as a meta data collection for 
the user if said meta data collection does not exist in the local repository. 

14. The method of claim 12, wherein the meta data includes application data for 
being usable in an application executable on the computing device, and context data 
for identifying context in which said application data are used, and wherein the 
utilizing step further includes: 

determining statistical information associated with the meta data, the 
statistical information indicating relationships between the meta data, wherein the 
retrieving step is performed in part based on the statistical information. 

15. The method of claim 14, wherein the context data identify at least one of the 
following: user roles, uniform resource identifiers (URIs), file names, and/or form 
names pertaining to the application data. 

16. The method of claim 14, wherein the application data include at least one of 
the following: page display setting data, file display setting data, user ID/password 
combinations, field values for computer forms, user's preference data, bookmarks, 
and certificates. 

17. The method of claim 10, wherein the current context is for filling in a computer 
form, and the applying step includes: 

automatically filling in the computer form with said most appropriate meta 

data. 
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18. The method of claim 10, wherein, if the current context is for filling in a 
computer form, the utilizing step further includes: 

retrieving, from the meta data collection, alternative meta data that are related 
5 to the current context of filling in the computer form; and 

presenting the alternative meta data to the user for the user's consideration. 

1 9. The method of claim 1 0, wherein the current context is for filling in a 
password-changing computer form, and the retrieved meta data includes a user 

10 identification and a password, and wherein the applying step includes: 



presenting to the user the password in an obfuscated format; 
determining whether it is safe to present the actual password to the user; and 
presenting the actual password in a non-obfuscated format when it is 
determined to be safe to present the actual password. 



20. The method of claim 1, wherein the utilizing step includes: 
formulating search requirements based on a current context of using the 

computing device; and 

executing a search based on the search requirements using the heuristics 
20 algorithms. 

21 . The method of claim 20, wherein the search requirements specify weighted 
properties of the current context of using the computing device. 

25 22. The method of claim 1 , further comprising the step of: 

providing a graphical user interface (GUI) for allowing the user to organize the 
meta data collection. 
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23. The method of claim 22, wherein the GUI displays a graphical tool in a 
cylindrical configuration for organizing the meta data collection. 

24. The method of claim 2, wherein the uploading step includes: 
temporarily locking the local repository; 

encrypting the new segment using an encryption key; 
transmitting the encrypted new segment from the computing device to the 
central repository subsystem for storage in the central repository; and 
unlocking the local repository. 

25. The method of claim 24, wherein, in the encrypting step, the encryption key is 
represented as a hash of identifying information associated with the new segment, 
concatenated with a pass phrase of the user. 

26. The method of claim 1 , wherein the computing device implements a Common 
Data Security Architecture (CDSA), and the utilizing step is performed by a CDSA 
add-on module. 

27. The method of claim 1 , wherein the central repository subsystem is 
implemented using WebDAV protocols. 

28. A computer program product embodied on computer readable medium 
readable by at least one of a computing device and a central repository subsystem, 
for managing meta data using a central repository at the central repository 
subsystem, the central repository being accessible by the computing device through 
a communication network, the computer program product comprising computer 
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executable instructions for: 

connecting, through the communications network, to the central repository 
based on a user input; 

updating a local repository of the computing device with at least one segment 
from the central repository that is associated with the user to produce a meta data 
collection associated with the user; and 

utilizing, by the computing device, the meta data collection during a current 
user session at the computing device to assist the user in using the computing 
device. 

29. The computer program product of claim 28, further comprising computer 
executable instructions for: 

uploading any new segment from the computing device to the central 
repository at a predetermined time. 

30. The computer program product of claim 28, further comprising computer 
executable instructions for: 

incrementally uploading any new meta data generated during the current user 
session from the computing device to the central repository. 

31 . The computer program product of claim 28, wherein the computer executable 
instructions for connecting include computer executable instructions for: 

receiving, by the central repository subsystem, authentication information from 
the user; 

verifying validity of the authentication information; and 
notifying the computing device that the user has proper authority to access 
the central repository if the authentication information is verified as valid. 
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32. The computer program product of claim 31 , wherein the authentication 
information includes user identification, a pass phrase of the user, and an identifier 
for the central repository or a component at the central repository subsystem. 

33. The computer program product of claim 32, wherein the computer executable 
instructions for verifying include computer executable instructions for: 

determining a secret key represented as a hash of the received user 
identification concatenated with a hash of the received identifier encrypted with the 
received pass phrase; and 

comparing the secret key with a stored key associated with the user. 

34. The computer program product of claim 28, wherein the computer executable 
instructions for updating include computer executable instructions for: 

determining if the local repository is at a null state; 

first requesting the central repository subsystem to transmit any segment 
associated with the user that has not been applied to the computing device if the 
local repository is not at a null state; and 

second requesting the central repository subsystem to transmit all segments 
associated with the user if the local repository is at a null state. 

35. The computer program product of claim 34, wherein the computer executable 
instructions for updating further include computer executable instructions for: 

receiving at least one segment from the central repository subsystem in 
response to said first requesting instructions; 

decrypting the at least one segment; and 

applying the decrypted at least one segment to the meta data collection to 
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produce the meta data collection associated with the user. 

36. The computer program product of claim 34, wherein the computer executable 
instructions for updating further include computer executable instructions for: 

receiving at least one segment from the central repository subsystem in 
response to said second requesting instructions; 

decrypting the at least one segment; and 

generating the meta data collection for the user using the decrypted at least 
one segment. 



37. The computer program product of claim 28, wherein the computer executable 
instructions for utilizing include computer executable instructions for: 

retrieving, using heuristics algorithms, from the meta data collection, meta 
data that would be most appropriate for a current context of using the computing 
15 device; and 

applying the retrieved meta data in the current context. 

38. The computer program product of claim 37, wherein the current context 
includes at least one of the following: opening a web page, filling in a computer 

20 form, filling in a password-changing form, providing a certificate, opening a computer 
file, processing a computer file, or executing an application program. 

39. The computer program product of claim 37, wherein the computer executable 
instructions for utilizing further include computer executable instructions for: 

25 continuously collecting meta data resulting from use of the computing device 

during the current user session at the computing device; and the method further 
comprises computer executable instructions for: 
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generating a new segment based on the collected meta data upon completion 
of the current user session; and 

processing the new segment. 

40. The computer program product of claim 39, wherein the computer executable 
instructions for processing include computer executable instructions for: 

updating the meta data collection with the new segment if said meta data 
collection exists in the local repository; and 

storing the new segment in the local repository as a meta data collection for 
the user if said meta data collection does not exist in the local repository. 

41 . The computer program product of claim 39, wherein the meta data includes 
application data for being usable in an application executable on the computing 
device, and context data for identifying context in which said application data are 
used, and wherein the computer executable instructions for utilizing further include 
computer executable instructions for: 

determining statistical information associated with the meta data, the 
statistical information indicating relationships between the meta data, wherein the 
computer executable instructions for retrieving are performed in part based on the 
statistical information. 

42. The computer program product of claim 41 , wherein the context data identify 
at least one of the following: user roles, uniform resource identifiers (URIs), file 
names, and/or form names pertaining to the application data. 

43. The computer program product of claim 41 , wherein the application data 
include at least one of the following: page display setting data, file display setting 
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data, user ID/password combinations, field values for computer forms, user's 
preference data, bookmarks, and certificates. 

44. The computer program product of claim 37, wherein the current context is for 
filling in a computer form, and the computer executable instructions for applying 
include computer executable instructions for: 

automatically filling in the computer form with said most appropriate meta 

data. 

45. The computer program product of claim 37, wherein, if the current context is 
for filling in a computer form, the computer executable instructions for utilizing further 
include computer executable instructions for: 

retrieving, from the meta data collection, alternative meta data that are related 
to the current context of filling in the computer form; and 

presenting the alternative meta data to the user for the user's consideration. 

46. The computer program product of claim 37, wherein the current context is for 
filling in a password-changing computer form, and the retrieved meta data includes a 
user identification and a password, and wherein the computer executable 
instructions for applying include computer executable instructions for: 

presenting to the user the password in an obfuscated format; 
determining whether it is safe to present the actual password to the user; and 
presenting the actual password in a non-obfuscated format when it is 
determined to be safe to present the actual password. 

47. The computer program product of claim 28, wherein the computer executable 
instructions for utilizing include computer executable instructions for: 



PATENT 



Express Mail No. ET944325875US 
Attorney Docket No. RSW920010122US1 



formulating search requirements based on a current context of using the 
computing device; and 

executing a search based on the search requirements using the heuristics 

algorithms. 

48. The computer program product of claim 47, wherein the search requirements 
specify weighted properties of the current context of using the computing device. 

49. The computer program product of claim 28, further comprising computer 
executable instructions for: 

providing a graphical user interface (GUI) for allowing the user to organize the 
meta data collection. 

50. The computer program product of claim 49, wherein the GUI displays a 
graphical tool in a cylindrical configuration for organizing the meta data collection. 

51 . The computer program product of claim 29, wherein the computer executable 
instructions for uploading include computer executable instructions for: 

temporarily locking the local repository; 
encrypting the new segment using an encryption key; 
transmitting the encrypted new segment from the computing device to the 
central repository subsystem for storage in the central repository; and 
unlocking the local depository. 

52. The computer program product of claim 51, wherein the encryption key is 
represented as a hash of identifying information associated with the new segment, 
concatenated with a pass phrase of the user. 
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53. The computer program product of claim 28, wherein the computing device is 
configured in Common Data Security Architecture (CDSA), and the computer 
executable instructions for utilizing are performed by an add-on module to the CDSA 
configuration. 

54. The computer program product of claim 28, wherein the central repository 
subsystem is implemented using WebDAV protocols. 

55. A system for managing meta data in a secure manner, the system comprising 
a central repository subsystem including a central repository for storing a 

plurality of segments associated with a user in a collection order; and 

at least one computing device capable of communicating with the central 
repository subsystem through a communications network, the computing device 
including a local repository and being capable of connecting, through the 
communications network, to the central repository based on a user input, updating 
the local repository with at least one of the segments from the central repository to 
produce a meta data collection associated with the user, and utilizing the meta data 
collection during a current user session at the computing device to assist the user in 
using the computing device. 

56. The system of claim 55, wherein the computing device uploads any new 
segment to the central repository at a predetermined time. 

57. The system of claim 55, wherein the computing device incrementally uploads 
to the central repository any new meta data generated during the current user 
session. 
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58. The system of claim 55, wherein the computing device further includes: 

a plurality of applications selectably executable on the computing device; 

a security-service providing architecture structure for selectively providing 
security-based services to at least one of the plurality of applications; 

a data repository module, provided as an add-in module to the security- 
service providing architecture, for utilizing the meta data collection to assist the user 
in using the computing device; and 

an encryption/decryption module for encryption any new segment to be 
transmitted to the central repository subsystem. 

59. The system of claim 55, wherein the central repository subsystem further 
includes a manager for managing the central repository, and wherein the central 
repository subsystem receives from the computing device authentication information 
input by the user, verifies validity of the authentication information, and notifies the 
computing device that the user has proper authority to access the central repository 
if the authentication information is verified as valid. 

60. The system of claim 59, wherein the authentication information includes user 
identification, a pass phrase of the user, and an identifier for the central repository or 
a component at the central repository subsystem. 

61 . The system of claim 59, wherein the central repository subsystem determines 
a secret key represented as a hash of the received user identification concatenated 
with a hash of the received identifier encrypted with the received pass phrase, and 
compares the secret key with a stored key associated with the user to verify the 
user's authentication information. 



58 




PATENT 



Express Mail No. ET944325875US 
Attorney Docket No. RSW920010122US1 



62. The system of claim 58, wherein the data repository module determines if the 
local repository is at a null state, transmits a first request to the central repository 
subsystem to transmit any segment associated with the user that has not been 
applied to the computing device if the local repository is not at a null state, and 
transmits a second request to the central repository subsystem to transmit all 
segments associated with the user if the local repository is at a null state. 

63. The system of claim 62, wherein the encryption/decryption module receives at 
least one segment from the central repository subsystem in response to said first 
request, and decrypts the at least one segment, and wherein the data repository 
module applies the decrypted at least one segment to the meta data collection to 
produce the meta data collection associated with the user. 

64. The system of claim 62, wherein the encryption/decryption module receives at 
least one segment from the central repository subsystem in response to said second 
request, and decrypts the at least one segment, and wherein the data repository 
module generates the meta data collection for the user using the decrypted at least 
one segment. 

65. The system of claim 58, wherein the data repository module retrieves using 
heuristics algorithms, from the meta data collection, meta data that would be most 
appropriate for a current context of using the computing device, and transmits the 
retrieved meta data to an appropriate one of the applications which in turn applies 
the retrieved meta data in the current context. 

66. The system of claim 65, wherein the current context includes at least one of 
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the following: opening a web page, filling in a computer form, filling in a password- 
changing form, providing a certificate, opening a computer file, processing a 
computer file, or executing an application program. 

67. The system of claim 65, wherein the data repository module continuously 
collects meta data resulting from use of the computing device during the current user 
session at the computing device, and generates a new segment based on the 
collected meta data upon completion of the current user session. 

68. The system of claim 67, wherein the data repository module updates the meta 
data collection with the new segment if the meta data collection exists in the local 
repository, and stores the new segment in the local repository as a meta data 
collection for the user if the meta data collection does not exist in the local repository. 

69. The system of claim 67, wherein the meta data includes application data for 
being usable in an application executable on the computing device, and context data 
for identifying context in which said application data are used, and wherein the data 
repository module determines statistical information associated with the meta data 
and retrieves said appropriate meta data based on the statistical information, the 
statistical information indicating relationships between the meta data. 

70. The system of claim 69, wherein the context data identify at least one of the 
following: user roles, uniform resource identifiers (URIs), file names, and/or form 
names pertaining to the application data. 

71 . The system of claim 69, wherein the application data include at least one of 
the following: page display setting data, file display setting data, user ID/password 
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combinations, field values for computer forms, user's preference data, bookmarks, 
and certificates. 

72. The system of claim 65, wherein the current context is for filling in a computer 
form, and said appropriate one of the applications automatically fills the computer 
form with said most appropriate meta data. 

73. The system of claim 65, wherein, if the current context is for filling in a 
computer form, the data repository module retrieves, from the meta data collection, 
alternative meta data that are related to the current context of filling in the computer 
form, and transmits the alternative meta data to said appropriate one of the 
applications which in turn presents the alternative meta data to the user for the 
user's consideration. 

74. The system of claim 65, wherein the current context is for filling in a 
password-changing computer form, and the retrieved meta data includes a user 
identification and a password, and wherein the data repository module controls said 
appropriate one of the applications to present to the user the password in an 
obfuscated format, determines whether it is safe to present the actual password to 
the user, and controls said appropriate one of the applications to present the actual 
password in a non-obfuscated format when it is determined to be safe to present the 
actual password. 

75. The system of claim 58, wherein the data repository module formulates 
search requirements based on a current context of using the computing device, and 
executes a search based on the search requirements using the heuristics algorithms. 
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76. The system of claim 75, wherein the search requirements specify weighted 
properties of the current context of using the computing device. 

77. The system of claim 55, further comprising: 

5 a meta data editor for allowing the user to organize the meta data collection. 

78. The system of claim 77, wherein the meta data editor displays a graphical tool 
in a cylindrical configuration for organizing the meta data collection. 

10 79. The system of claim 58, wherein the data repository module temporarily locks 
the local repository and creates the new segment based on collected meta data; the 
encryption/decryption module encrypts the new segment using an encryption key; 
and the data repository module transmits the encrypted new segment to the central 
repository subsystem for storage in the central repository and unlocks the local 

15 repository. 

80. The system of claim 79, wherein the encryption key is represented as a hash 
of identifying information associated with the new segment, concatenated with a 
pass phrase of the user. 

20 

81 . The system of claim 58, wherein the computing device is configured in 
Common Data Security Architecture (CDSA), and the data repository module is an 
add-on module to the CDSA configuration. 

25 82. The system of claim 55, wherein the central repository subsystem is 
implemented using WebDAV protocols. 
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83. The system of claim 55, wherein at least one of the central repository and the 
local repository is implemented using a network-attached storage. 

84. The system of claim 58, wherein the data repository module resides on a 
proxy machine accessible through a predetermined connection means. 
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